Enterprise Security
White Paper: Cyber Security After the Pandemic
The pandemic’s legacy for cyber security should be a secure innovation culture; convergence of network and security at the edge; better segmentation of network domains at home; and concerted action against ransomware. View the White Paper
Briefing: Vodafone Business Makes Security Bets
Vodafone Business is finally making a respectable commitment to security services. Trebling security revenues by 2025 looks achievable. View the briefing
Guest Blog: “The Four ‘P’s of 5G Network Visibility”
My guest blog for Palo Alto Networks, setting out the “Four ‘P’s of 5G Network Visibility”: visibility into protocols, perimeters, permissions and partners.” View the blog
Briefing: A Way to Turn the Tide on Fake News
Facebook, YouTube and Twitter aren't going to reduce the risk posed by Fake News down to the minimal level needed on their own. It's time they collaborated to get this done - here's how.
Briefing: New Standards for Securing AI
ETSI is doing some excellent work to fill a glaring gap in cyber security standards - how you secure AI algorithms.
Briefing: Deploying STIR/SHAKEN as a Service
All but the largest telecom operators should be looking at deploying the STIR/SHAKEN standard for blocking unwanted calls as a service, managed by a vendor partner, rather than building out their own infrastructure.
White Paper: What to Expect from MDR and MDR Providers
Managed Detection and Response (MDR) is a critical cybersecurity service category. Sponsored by AT&T, Secureworks, Fortinet and ElevenPaths, this White Paper guides users on what to expect both from their provider and themselves in an MDR partnership.
Briefing: MITRE’s ATT&CK Evals Are Out: Cheers!
The new MITRE ATT&CK Evaluations offer free access to high quality, comparative data on EDR product detection capabilities against APTs on an unprecedented scale. Those that need to - and know how to - can make good use of this data.
Briefing: New STIX & TAXII Releases Approved
The new open standard STIX and TAXII 2.1 releases have been approved by OASIS. A new self-certification program should help drive adoption and enable SOC teams to arrive at faster time to detection and time to mitigation.
Briefing: Orange Funds New CI/CD Security Tool
Orange Polska has released Mixeway, an open source CI/CD security orchestration tool. It needs a lot more work but the GUI and aspiration to correlate vulnerability testing across security tools make it worth taking a look at.
White Paper: A New Era in Trusted Network Security Testing
By defining open and transparent network security testing specifications, the leading NGFW vendors supporting NetSecOPEN are looking to usher in a new era in trusted network security testing.
Briefing: Telcos Invest in Fake Infrastructure
Some telcos are investing in deception technology. According to Attivo Networks, one telco customer found enough unauthorized and malicious behaviour by employees to warrant firing them on the spot. There are telecom infrastructure use cases too.